漏洞描述
【漏洞对象】Drupal 【涉及版本】 7.58之前的Drupal,8.3.9之前的8.x,8.4.6之前的8.4.x和8.5.1之前的8.5.x 【漏洞描述】7.58之前的Drupal,8.3.9之前的8.x,8.4.6之前的8.4.x和8.5.1之前的8.5.x允许远程攻击者执行任意代码,因为这样会影响具有默认或通用模块配置的多个子系统。
Drupal Drupalgeddon 2 远程代码执行漏洞 (CVE-2018-7600)
PoC代码
暂无相关漏洞推荐
-
CVE-2014-3704: Drupal SQL Injection POC
2025-08-01 | DrupalThe expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not... -
CVE-2018-7600: Drupal - Remote Code Execution POC
2025-08-01 | DrupalDrupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attac... -
CVE-2018-7602: Drupal - Remote Code Execution POC
2025-08-01 | DrupalDrupal 7.x and 8.x contain a remote code execution vulnerability that exists within multiple subsyst... -
CVE-2018-1000600: Pre-auth Fully-responded SSRF POC
2025-09-01 | Pre-authA exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier... -
CVE-2018-1000861: Jenkins 2.138 Remote Command Execution POC
2025-09-01 | JenkinsA code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier...